Cyber Security Engineer – DevSecOps IRC286484

Description

• Expertise in secure API integration design and implementation
• Expertise in the OWASP top 10 for web applications, and LLMs, along with mitigation and remediation techniques
• Extensive experience in cybersecurity within software engineering environments.
• Experience with a programming language (C/C++, Python, Go, JavaScript / TypeScript, Rust)
• Proficiency in cloud security, threat detection, data analysis, and incident response.
• Expertise with security tools such as BurpSuite, PyRIT, Garak, MitM, Metasploit, Wireshark, Wiz, Sonarqube
• Experience standing up Security tooling to automate security hygiene, analysis, reporting or otherwise host tools or enhance intel capabilities
• Strong technical knowledge of microservice architecture, content distribution networks, data lakes, serverless functions, and databases.
• Familiarity with various cloud platforms and DevOps tools.
• Excellent analytical and problem-solving skills.
• Strong communication skills, both written and verbal.
• Ability to independently develop and implement security solutions.
• Experience in developing and implementing automated security testing functions.

Requirements

• Data Analysis and Security Monitoring: Conduct comprehensive analysis of security data from microservice architectures, content distribution networks, data lakes, serverless functions, and databases.
• Use SIEM tools to correlate security events and identify anomalies.
• Incident Response and Management: Participate in incident response efforts, perform root cause analysis, and implement or suggest corrective actions to mitigate security breaches. Develop and maintain incident response playbooks.
• Supply Chain Security: Assess and mitigate security risks associated with the supply chain, like open source libraries, ensuring end-to-end security
• Software Security Flaws Mitigation: Identify and address software security flaws and misconfigurations to enhance overall security posture.
• Perform code reviews and static/dynamic analysis. Languages include but not limited to Python, C++, C#, JS, Python, HCL
• Security Solutions Development: Develop and implement custom security solutions, minimizing reliance on paid services. Create security automation scripts and integrate security tools into CI/CD pipelines.
• Automating Security Test Functions: Develop and implement automated dynamic security testing functions to ensure continuous security validation.

Job responsibilities

• Threat Modeling: Develop and maintain comprehensive threat models across embedded platforms, cloud services, and software applications to proactively identify, prioritize, and mitigate potential vulnerabilities throughout the system development lifecycle.
• Embedded Platform Penetration Testing: Conduct regular penetration tests and security assessments of embedded platforms to proactively identify and remediate vulnerabilities unique to embedded systems and hardware integration.
• Cloud-hosted Application Penetration Testing: Conduct regular penetration tests and security assessments on cloud-hosted applications to proactively identify and remediate vulnerabilities unique to embedded systems and hardware integration.
• Red-Teaming AI-Backed Services: Conduct regular adversarial testing and red-teaming exercises focused on AI-powered services and machine learning models. Proactively identify and exploit potential vulnerabilities unique to AI systems and collaborate with legal and engineering teams to remediate security risks specific to AI and automated decision-making capabilities.
• Threat Detection and Analysis: Utilize advanced security tools like Cloud Security Posture Management platforms, open-source pen-testing tools, SIEMs, and SASTs to identify, analyze, validate, and stop vulnerabilities from entering the environment. Perform regular penetration testing and vulnerability assessments.
• Bachelor’s or Master’s degree in Computer Science, Computer or Electrical Engineering, Mathematics, or a related field.

 

 

GlobalLogic estimates the starting pay range for this role to be performed in Dallas, TX, to be $120,000 to $130,000 and reflects base salary only. This pay range is provided as a good-faith estimate, and the amount offered may be higher or lower. GlobalLogic takes many factors into consideration in making an offer, including candidate qualifications, work experience, operational needs, travel and onsite requirements, internal peer equity, prevailing wage, responsibilities, and other market and business considerations.

What we offer

Culture of caring. At GlobalLogic, we prioritize a culture of caring. Across every region and department, at every level, we consistently put people first. From day one, you’ll experience an inclusive culture of acceptance and belonging, where you’ll have the chance to build meaningful connections with collaborative teammates, supportive managers, and compassionate leaders. 

Learning and development. We are committed to your continuous learning and development. You’ll learn and grow daily in an environment with many opportunities to try new things, sharpen your skills, and advance your career at GlobalLogic. With our Career Navigator tool as just one example, GlobalLogic offers a rich array of programs, training curricula, and hands-on opportunities to grow personally and professionally.

Interesting & meaningful work. GlobalLogic is known for engineering impact for and with clients around the world. As part of our team, you’ll have the chance to work on projects that matter. Each is a unique opportunity to engage your curiosity and creative problem-solving skills as you help clients reimagine what’s possible and bring new solutions to market. In the process, you’ll have the privilege of working on some of the most cutting-edge and impactful solutions shaping the world today.

Balance and flexibility. We believe in the importance of balance and flexibility. With many functional career areas, roles, and work arrangements, you can explore ways of achieving the perfect balance between your work and life. Your life extends beyond the office, and we always do our best to help you integrate and balance the best of work and life, having fun along the way!

High-trust organization. We are a high-trust organization where integrity is key. By joining GlobalLogic, you’re placing your trust in a safe, reliable, and ethical global company. Integrity and trust are a cornerstone of our value proposition to our employees and clients. You will find truthfulness, candor, and integrity in everything we do.

About GlobalLogic

GlobalLogic, a Hitachi Group Company, is a trusted digital engineering partner to the world’s largest and most forward-thinking companies. Since 2000, we’ve been at the forefront of the digital revolution – helping create some of the most innovative and widely used digital products and experiences. Today we continue to collaborate with clients in transforming businesses and redefining industries through intelligent products, platforms, and services.